mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-04-28 18:30:24 +02:00
42 lines
1.3 KiB
Django/Jinja
42 lines
1.3 KiB
Django/Jinja
{% for app, config in applications.items() %}
|
|
dn: cn={{ app }}-administrator,{{ldap.dn.application_roles}}
|
|
objectClass: top
|
|
objectClass: organizationalRole
|
|
cn: {{ app }}-administrator
|
|
description: Administrator role for {{ app }} (automatically generated)
|
|
|
|
dn: cn={{ app }}-user,{{ldap.dn.application_roles}}
|
|
objectClass: top
|
|
objectClass: organizationalRole
|
|
cn: {{ app }}-user
|
|
description: Standard user role for {{ app }} (automatically generated)
|
|
|
|
{% endfor %}
|
|
|
|
{% for username, user in users.items() %}
|
|
|
|
#######################################################################
|
|
# Assign {{ username }} to application user roles
|
|
#######################################################################
|
|
{% for app, config in applications.items() %}
|
|
|
|
# Assign {{ username }} to {{ app }}-users
|
|
|
|
dn: cn={{ app }}-user,{{ ldap.dn.application_roles }}
|
|
changetype: modify
|
|
add: roleOccupant
|
|
roleOccupant: {{ ldap.attributes.user_id }}={{ username }},{{ ldap.dn.users }}
|
|
|
|
{% if users.is_admin | default(false) | bool %}
|
|
|
|
# Assign {{ username }} to {{ app }}-administrator
|
|
dn: cn={{ app }}-administrator,{{ ldap.dn.application_roles }}
|
|
changetype: modify
|
|
add: roleOccupant
|
|
roleOccupant: {{ ldap.attributes.user_id }}={{ users.administrator.username }},{{ ldap.dn.users }}
|
|
|
|
{% endif %}
|
|
|
|
{% endfor %}
|
|
|
|
{% endfor %} |